package org.spring.security.oauth2.resource.server;

import org.springframework.boot.actuate.trace.http.HttpTrace.Principal;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api")
public class PetstoreController {

    @GetMapping("/pet")
    @PreAuthorize("#oauth2.hasScope('query')")
    public String pet(Principal principal) {
        return "Hi " + principal.getName() + ". My pet is dog";
    }
    
    @GetMapping("/cat")
    public String person() {
        return ". I like a cat";
    }


}
